07-15-2019 08:15 AM
Hi
The scenario here is I have a VPDN tunnel from 1 broadband provider which is using an old RADIUS and then I have anew VPDN tunnel from a different broadband provider who I want to put on a new RADIUS server. The long term plan is to move all the broadband connections to the new provider and decommission the old RADIUS as part of the same project. However I cant see for the life of me where/how I would configure this to happen.
Any Help would be greatly appreciated. I’m doing this on a ASR-1001
Thanks
Solved! Go to Solution.
07-29-2019 02:21 AM
I have resolved this issue by doing the following:
Create the RADIUS servers:
radius server ISE01
address ipv4 ###.###.###.### auth-port 1812 acct-port 1813
timeout 10
key ####
!
radius server ISE02
address ipv4 ###.###.###.### auth-port 1812 acct-port 1813
timeout 10
key ####
Now create a group with those servers in
aaa group server radius VPDN-NewISE-Radz
server name ISE01
server name ISE02
Now create an authentication list with that group in
aaa authentication ppp NewISERadzAuthList group VPDN-NewISE-Radz none
Now add this authentication list to the Virtual-Template
interface Virtual-Template3
ppp authentication chap NewISERadzAuthList
07-29-2019 02:21 AM
I have resolved this issue by doing the following:
Create the RADIUS servers:
radius server ISE01
address ipv4 ###.###.###.### auth-port 1812 acct-port 1813
timeout 10
key ####
!
radius server ISE02
address ipv4 ###.###.###.### auth-port 1812 acct-port 1813
timeout 10
key ####
Now create a group with those servers in
aaa group server radius VPDN-NewISE-Radz
server name ISE01
server name ISE02
Now create an authentication list with that group in
aaa authentication ppp NewISERadzAuthList group VPDN-NewISE-Radz none
Now add this authentication list to the Virtual-Template
interface Virtual-Template3
ppp authentication chap NewISERadzAuthList
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: